One of the advantages of our decades of combined experience is speed—we identify, prioritize and fix the causes of performance and stability problems as quickly and effectively as humanly possible. If you’ve got ColdFusion performance and/or stability problems, and you haven’t yet hired us for consulting, then I’d like to invite you to try our [...]
Seems there’s a lot of ColdFusion sites out there getting hit by an automated SQL Injection attack, which adds a “<script>” tag to varchar fields using a bit of SQL Server t-sql.
Many years ago, I wrote a script that would find and automatically <cfqueryparam> queries (which has been at Daryl’s ColdFusion Primer. I’ve dug [...]
Let’s jump right to some code.
::CODECOLORER_BLOCK_1::
versus:
::CODECOLORER_BLOCK_2::
They look pretty similar right? Near identical. Neither is really easier or harder to read. Performance wise, I suspect you couldn’t see much of a difference. If you’re thinking to yourself, “Aww geez Steve Nelson is about to go on a week long rampage about something.” You would be [...]
In my new effort to rid my life of global variables, I’ve been focusing on the arguments scope. I think the arguments scope is the key to solving this problem.
With my MVC-CFC framework I find it is easy as pie to live without global variables. In a nutshell, EVERYTHING is passed in through a <cfargument>. [...]
It’s been 10 years since I first heard someone say that global variables are bad news.
To be truthful I didn’t really understand the reason back then. The most common reason not to use global variables is the namespace argument. Basically the problem is that you can accidentally overwrite another variable. Yeah ok, I guess that’s [...]
We find people placing Windows servers “naked” on the Internet with
frightening regularity. Without any sort of firewall or packet filtering
protection, these machines make very easy targets for hackers. Even
if you have a firewall, adding host-based packet filtering adds an
additional layer of protection, though in that case you’ll have to
decide for yourself if the [...]
Yes, the use of the var scope is idiotic. I haven’t met a developer yet (in person) who thinks that Macromedia did it “right” with that keyword. But Steve’s opinion that you don’t need it because a CFC only needs two scopes isn’t fully fleshed-out, I think.
By default, the attributes that a VAR’ed variable [...]
Macromedia (Not Adobe, I assume) screwed up with this one.
The var keyword needs to go away.
Think about this for a minute. When was the last time you wanted to NOT use the VAR keyword in a CFC? Reread that sentence. I’m not suggesting we want to not var our variables. I’m suggesting we ALWAYS [...]
Have you ever tried turning off whitespace suppression and just looking at where the whitespace shows up when you view the HTML source? I’m referring to tags like cfsilent, cfsetting, functions like trim() etc. If you have a chance, try commenting out those tags and viewing your html source.
Of course we want to suppress the [...]
Upon returning from MAX 2006 in Las Vegas, my workstation was a little frozen. “No problem, a quick reboot,” I thought. Alas, “NO SYSTEM DISK OR DISK ERROR” greeted me. “Well at least I have RAID,” I thought.
Fat lot of good that did me.
After days and days of rebuilding my system (and only losing a [...]
